List:Internals« Previous MessageNext Message »
From:Michael Widenius Date:January 5 2002 2:09pm
Subject:Re: MySQL design comments. --skip-grant-tables
View as plain text  
Hi!

>>>>> "Alexander" == Alexander Keremidarski <salle@stripped>
> writes:

Alexander> Michael Widenius wrote:
>> Hi!
>> 
Alexander> * Passwordless root by default.
Alexander> * Using root as MySQL Admin User
Alexander> * Listening on TCP by default
Alexander> and so on 
>> 
Alexander> Being root I always vote against defaults
>> 
>> This is something that we can't easily change;  If we would force a
>> password, we would get more emails that we can handle about users that
>> have a problem starting or using MySQL.
>> 
>> When you have a LOT of users, you must make things a bit less secure
>> by default to get things to work at all.
>> 
>> Regards,
>> Monty
>> 
>> 
Alexander> Hi,
Alexander> I don't agree. Very often I see (irc, webforums etc.) following question:

>> error: 'Access denied for user: 'root@localhost' (Using password: YES)'
>> what am i doing wrong?

This happens if:

- The user has used a wrong password.
- The user is using a password, but one has not defined a password for
   MySQL.

Alexander> I mean that install procedure is not clear already. Many people don't 
Alexander> notice message at the end of my_install_db
Alexander> Simple change in this script like prompting user for password or even 
Alexander> --password= option will make it more clear and will prevent such mass 
Alexander> emails.

We can't do this for RPM's, as there is no option to type a password
in these (during initial installation)

Alexander> There is another point. I vote against using user root for MySQL admin
> user.
Alexander> Many users (unix) are confused with this. They can't see difference 
Alexander> between Shell User and MySQL User. I hope you will aggree that MySQL 
Alexander> Admin and Server Admin are different roles, but with current default 
Alexander> install it is hindered.

We have thought about this a great deal.  The problem is that if we
would have chosen something else, the user would have yet another thing to
remember.  Changing this would also cause a lot of confusion among old
MySQL users; What is worse, all the numerous published books that
describes MySQL would contain wrong information.

It's way too late to do a change like this.

Alexander> Something well known as Oracle: scott/tiger sounds better

Alexander> This is just my point of view of course. 

Alexander> Meanwhile I can bet there will be not so many emails comlaining if you 
Alexander> force users to setup password during install.

I am sure you would loose your bet..

Alexander> Forward all such emails to me I will answer all of them within couple of 
Alexander> hours :)

Tempting, but not practical :)

Regards,
Monty
Thread
MySQL design comments. --skip-grant-tablesAlexander Keremidarski3 Jan
  • MySQL design comments. --skip-grant-tablesMichael Widenius4 Jan
  • Re: MySQL design comments. --skip-grant-tablesAlexander Keremidarski4 Jan
    • Re: MySQL design comments. --skip-grant-tablesMichael Widenius5 Jan